On Wed, Oct 17, 2001 at 09:42:09PM -0400, Steve Bellovin wrote:

 > The problem is the 'incoming' directory.  My concern is that *if* someone
 > finds a flaw in ftpd (say, a buffer overflow), they could do a mknod in 
 > the upload directory and use that to escape the chroot.  The question is
 > what can I do to prevent that.  I've toyed with adding a 'no special 
 > files' flag to the kernel; I've also checked to see if there's some 
 > mount option akin to nocoredump, but I don't see any.

There is a mount option -- nodev .. you could also add noexec since
the ls, etc. are all built into ftpd, and thus don't need external
programs.

-- 
        -- Jason R. Thorpe <thorpej@wasabisystems.com>